For any library that invests in IGI Global's InfoSci-Books and/or InfoSci-Journals databases, IGI Global will match the library’s investment with a fund of equal value to go toward subsidizing the OA APCs for their faculty patrons when their work is submitted/accepted under OA into an IGI Global journal.

Subscribe to the Latest Research Through IGI Global's InfoSci-OnDemand Plus

InfoSci®-OnDemand Plus, a subscription-based service, provides researchers the ability to access full-text content from over 100,000+ peer-reviewed book chapters and 25,000+ scholarly journal articles that spans across 350+ topics in 11 core subjects. Users can select articles or chapters that meet their interests and gain access to the full content permanently in their personal online InfoSci-OnDemand Plus library.

Purchase the Encyclopedia of Information Science and Technology, Fourth Edition

and Receive Complimentary E-Books of Previous Editions

When ordering directly through IGI Global's Online Bookstore, receive the complimentary e-books for the first, second, and third editions with the purchase of the Encyclopedia of Information Science and Technology, Fourth Edition e-book.

Create a Free IGI Global Library Account to Receive a 25% Discount on All Purchases

Exclusive benefits include one-click shopping, flexible payment options, free COUNTER 5 reports and MARC records, and a 25% discount on single all titles, as well as the award-winning InfoSci®-Databases.

Abstract

The world’s critical infrastructure includes entities such as the water, waste water, electrical utilities, and the oil and gas industry. In many cases, these rely on pipelines that are controlled by supervisory control and data acquisition (SCADA) systems. SCADA systems have evolved to highly networked, common platform systems. This evolutionary process creates expanding and changing cyber security risks. The need to address this risk profile is mandated from the highest government level. This chapter discusses the various processes, standards, and industry based best practices that are directed towards minimizing these risks.

Introduction

This chapter provides practitioners, researchers and those interested in critical infrastructure cyber security concerns a sound foundation on cyber security for crude oil transportation critical infrastructure SCADA systems. Understanding how evolutionary processes have changed this infrastructure control system landscape and how industry is responding to ever increasing cyber security threats is essential for anyone who interacts with these systems at any level.

This chapter’s objective is to provide the SCADA system practitioner, manager, engineer, researcher and interested parties an overview of today’s SCADA cyber security systems how they came to be, the challenges facing the owner/operator, a review of current industry standards and regulatory landscape as well as examples of how some entities are securing their SCADA networks. This information source provides all interested parties sufficient information to allow them to take the next steps in enhancing their system’s cyber security posture.

To this end, the chapter is organized in a progressive manner with each section building on the next in following the following sequence.

•

Critical infrastructure – what is it? A discussion on critical infrastructure and its background

•

SCADA Systems; a review of how SCADA systems have evolved to the current cyber risk state

Critical Infrastructure: What Is It?

Oil and gas transportation systems are identified as national level critical infrastructures. These infrastructures are essential to every nation’s safety, defense, private industry commerce, business operations, and normal life. At some level, every nation’s electrical grid, commercial enterprises, military facilities, businesses and homes are dependent on the safe, highly available, and reliable delivery of oil and gas liquids. Historical evidence, such as the recent earthquakes and hurricane events, clearly show that if the oil and gas infrastructures are no longer available, the ability to provide essential services is severely constrained or even prevented.

Transporting liquids from point A to point B has a rich historical background. Using pipelines to move liquid is traced back to at least the tenth century B.C. Around 691 B.C., the first water aqueduct was built in Assyria (BookRags, 2010) while later “The first aqueduct built to supply Rome …was constructed about 312 B. C. and had a length of about 11 miles” (Turneaure et al. 1916). Since these early water transportation efforts, utilization of pipeline systems to move water and other liquid and slurry commodities continues to increase. As an example, the United States (US) Department of Transportation (DOT), Pipeline and Hazardous Materials Safety Administration (PHMSA) Office of Pipeline Safety website identifies that within the United States, 168,900 miles of onshore and offshore hazardous crude oil liquid pipelines are in service. Overall, the “…energy transportation network of the United States consists of over 2.5 million miles of pipelines. That’s enough to circle the earth about 100 times” (PHMSA, 2010).